<?php
namespace app\utils;
use App;
class Csrf extends \app\BaseObject{
	public function create(){
		$id = uniqid();
		$token = '_csrf-token_'.time();
		App::$app->session->set('_csrf-token1', $token);
		App::$app->session->set('_csrf-param1', $id);
		return ['token'=>$token, 'param'=>$id];
	}
	public function validate($post, $is_reload=true){
		$flag = false;
		if(isset($post[App::$app->session->get('_csrf-token1')])
			&& $post[App::$app->session->get('_csrf-token1')] == App::$app->session->get('_csrf-param1')
		){
			$flag = true;
		}
		if($is_reload){
			$this->create();
		}
		return $flag;
	}
}